Please remember to print your answer for each day's paper question on a sheet
of paper and hand it in at the beginning of class.

Implementing remote procedure calls
The RPC package described in the paper provides at-most-once semantics
(see page 49, last paragraph).
Based on the introduction section of lab
1, what kind of semantics do you think the 6.824 RPC
implementation has (before you change it by completing lab 1)?
How does this difference affect the implementation of
your lock server for lab 1?

Memory Coherence in Shared Virtual Systems
The write fault handler in Section 3.1 ends by sending a confirmation
to the manager, and that the "Write server" code on the manager waits
for this confirmation. Suppose you eliminated this confirmation (both
the send and the wait) from the system. Describe a scenario in which
lack of the confirmation would cause the system to behave
incorrectly. You can assume that the network delivers all messages,
and that none of the computers fail.

Distributed Shared Memory on
Standard Workstations and Operating Systems
Suppose that a simplified version of Treadmarks, called Dreadmarks,
simply sent all modifications of variables between an acquire and a
release to the next processor to acquire the same lock. No other
modifications are sent. What changes does Treadmarks send that
Dreadmarks does not? Outline a specific simple situation in which
Treadmarks would provide more useful or intuitive memory behavior than
Dreadmarks.

Managing Update Conflicts in Bayou
Suppose we build a distributed filesystem using Bayou, and the
system has a copy operation. Initially, file A contains "foo"
and file B contains "bar". On one node, a user copies file A
to file B, overwriting the old contents of B. On another node, a
user copies file B to file A. After both operations are committed, we
want both files to contain "foo" or for both files to contain
"bar". Sketch a dependency check and merge procedure for the
copy operation that makes this work. How does Bayou ensure that
all the nodes agree about whether A and B contain "foo" or
"bar"?

Reimplementing the Cedar File System Using Logging and Group Commit
At the end of Section 4, the paper says that during a one-byte file
create FSD writes the leader+data page synchronously to the disk, but
records the update to the file name table in memory and only writes it
back to disk later. Why do you suppose the FSD designers decided to
write the data page synchronously? What (if anything) might go wrong
if FSD instead wrote the file's data in the in-memory disk cache, and
only wrote it to disk later?

Hypervisor-based
Fault-tolerance
Suppose that instead of connecting both the primary and backup to the
same disk, we connected them to separate disks with identical copies
of the data? Would this work? What else might we have to worry about,
and what are some things that could go wrong?

Paxos Made Simple
Suppose that the acceptors are A, B,
and C. A and B are also
proposers, and there is a distinguished learner L. According to
the Paxos paper, a value is chosen when a majority of acceptors
accept it, and only a single value is chosen. How does Paxos
ensure that the following sequence of events can't happen?
What actually happens, and which value is ultimately chosen?

A proposes sequence number 1, and gets responses
from A, B, and C.

A sends accept(1, "foo") messages
to A and C and gets responses from both.
Because a majority accepted, A tells L
that "foo" has been chosen.
However, A crashes before sending an accept to B.

B proposes sequence number 2, and gets responses
from B and C.

B sends accept(2, "bar") messages
to B and C and gets responses
from both, so B tells L that "bar" has been chosen.

Frangipani: A Scalable Distributed File System
Suppose a server modifies an i-node, appends the modification to its
log, then another server modifies the same i-node, and then the first
server crashes. The recovery system will see the i-node modification
in the crashed server's log, but should not apply that log entry to
the i-node, because that would un-do the second server's change. How
does Frangipani avoid or cope with this situation?

Democratizing content publication with Coral
The Coral paper mentions in Sections 2.3 and 4.2 that Coral's
``sloppy'' DHT can store multiple different values for each key. What
would break, or not work as well, if Coral's DHT only stored one value
for each key?

Secure Untrusted Data Repository (SUNDR)
In the simple straw-man, both fetch and modify operations are placed
in the log and signed. Suppose an alternate design that only signs and
logs modify operations. Does this allow a malicious server to break
fetch-modify consistency or fork consistency? Why or why not?

Practical Byzantine Fault Tolerance
Suppose that we eliminated the pre-prepare phase from BFT. Instead,
the primary multicasts a PREPARE,v,n,m
message to the replicas, and the replicas multicast COMMIT
messages and reply to the client as before.
What could go wrong with this protocol? Give a short
example, e.g., ``The primary sends foo, replicas 1 and 2 reply
with bar...''

Tor: The Second-Generation Onion Router
Consider users that employ TOR to read their email via an unencrypted
IMAP connection. Does TOR guarantee complete anonymity for these
users? If so, please explain why. If not, what information could the
attacker learn about the user, and how might it do so?

a) The analysis of A* search shown in Figure 1 claims to be an
introspective visualization of the AnalogicFS methodology; however,
not all decisions are depicted in the figure. In particular, if I
<= P, what should be the next node explored such that all
assumptions in Section 2 still hold? Show your work.

b) Despite the authors' claims in the introduction that
AnalogicFS was
developed to study SCSI disks (and their interaction with lambda
calculus), the experimental setup detailed in Section 4.1 involves
decommissioned Gameboys instead, which use cartridge-based, Flash-like
memory. If the authors had used actual SCSI disks during the
experiments, how exactly might have their results changed
quantitatively?

c) AnalogicFS shows rather unstable multicast algorithm
popularity (Figure 5), especially compared with some of the previous
systems we've read about in 6.824. Give an example of another system
that would have a more steady measurement of popularity pages,
especially in the range of 0.1-0.4 decibels of bandwidth.

d) For his 6.824 Lab 9 project, Ben Bitdiddle chose to extend
YFS such
that it faithfully emulates the constant expected seek time across
LISP machines, as AnalogicFS does. Upon implementation, however, he
immediately ran into the need to cap the extent size to 400 nm, rather
than 676 nm. Explain what assumptions made for the AnalogicFS
implementation do not hold true for YFS, and why that changes the
maximum extent size.